02 Dec IBM And Bank Of America Are Developing A Financial Services-Ready Public Cloud
Most of my cloud analysis has consisted of horizontal IaaS, PaaS and SaaS solutions. While most technology markets start vertically until the shared vertical elements connect to create horizontal opportunities, the cloud market has done quite so far in its horizontal orientation. The current cloud market has addressed 20% of IT workloads, but the other 80% of those workloads aren’t in a cloud. Yet. There are many reasons for this, but many times, a horizontal cloud doesn’t yet meet the needs of a highly-regulated industry like banking. IBM sees this and is creating what it is calling as “the world’s first financial services-ready public cloud” and partnering with Bank of America, who is a committed collaborator and who will be the first customer to use it. Interesting, right?
It might help to review some of the unique needs of financial institutions to appreciate why this sector might need something special in the cloud. Banks are regulated like no other industry short of healthcare because so much is at stake. Did you know banks have regulated uptime for its systems? Banking regulators are chronically crawling all over banks in what seems like perpetuity for some very good reasons. In Bank of America’s case, there are 2.354T reasons as it holds $2.354T in assets across 66M customers. Here are a few data points to illustrate this:
- Accenture reports that financial services losses due to cyber-crime will be $700B over the next five years
- BCG reports that $321B of fines were paid by banks for not meeting regulations from 2009 to 2017
- Thomas Reuters reports that VCs invested $39B in financial technology startups in 2018
This doesn’t mean banks can just stand still, lock down their systems at the risk of under-serving their customers. Banks need to transform the experience just like consumer demands and technology has transformed media, shopping, and transportation industries. Like media, shopping and transportation, to transform the experience, banks need to improve their agility and do things faster while protecting security and privacy, complying with the regulators and with uptime guarantees. Easy, right? Not really.
I’d like to start with what the horizontal IBM Cloud offers and then talk about how the Financial Services-read public cloud adds on top of it. The IBM Cloud already offers a rich set of enterprise-grade security services including the highest level of encryption (KYOK, BYOK). IBM Cloud also offers a security SaaS offering called Hyper Protect Crypto Services that allows firms to take control of their cloud data encryption keys (so IBMers cannot access customer data) and cloud hardware security modules, and is the only service in the industry built on FIPS 140-2 Level 4-certified hardware. IBM’s Promontory Financial Group brings deep regulatory and compliance expertise to this offering, allowing IBM to guarantee that it can provide documented compliance with all applicable regulatory regimes. Not some, a few but all. The IBM Cloud currently serves over 2,000 VMware-based customer apps and 1,000 customers over 16,000 Kubernetes clusters.
IBM says for its Financial-Services-ready public cloud it will add a stringent, financial services policy framework, financial-grade resiliency and offer a large catalog of financial ISV and SaaS solutions. Neither IBM or Bank of America named these ISV or SaaS players, but I have a sense they will be current financial ISVs plus a crop of FinTech startups. You see, many financial ISVs have to create bespoke solutions per banking customer as they have unique requirements for security, compliance and auditing driven by different countries and even different states. You can imagine how hard that would be for a startup. Many of the incumbent banking ISVs aren’t cloud-native and I think this could be an opportunity to modernize in a lower-cost fashion across a multitude of end customers.
IBM will start the Financial Services-ready public cloud with three environments; VMware, cloud-native, and Red Hat OpenShift as its primary Kubernetes solution and says it will support 190 API driven, cloud-native PaaS services to create new apps. These environments make a lot of sense given these are the current and future environments I hear the banking industry talking about. For what it is worth, the financial services industry considers Red Hat its operating system.
I think it’s important to remind readers of IBM’s prowess in certain industries and workloads as you consider the applicability of the IBM Financial Services-ready public cloud. In October, I met with the IBM Z team and they shared with me that IBM runs daily:
- 30B transactions
- 400M retail transaction
- 79M ATM transactions
- 1M hotel nights
- 87% of all credit card transactions
Do you see the pattern here? IBM is very successful in regulated, financial workloads and transactions that require the highest levels of security, privacy, regulatory compliance and resilience. It understands these environments like no other vendor. The company wants to bring this experience to its Financial Services-ready public cloud.
We are in an interesting time in the IT industry in that many of the easier workloads have already moved to the public cloud and the harder and legacy applications remain on-prem. Regardless of data and compute location, enterprises need to move as quickly as possible to a cloud model to enable higher levels of speed and agility. Financial institutions are having a harder time doing this because the security, compliance, privacy and resiliency requirements are so high they serve as a drag and slow transformation down. IBM, a company with over a 100-year legacy in financial institutions and currently a leader in secure financial transactions seeks to speed everything up with its Financial Services-ready public cloud. It isn’t going at it alone, it is doing it with the US’s second-largest bank with 66M customers and $2.354T in assets. This is a first look at what IBM and Bank of America want to create and as soon as I get more details before and after GA, I will share those insights.